Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
File: e75e46c0-2d4d-42fd-a050-85f835672397.roa (raw, json)
Hash identifier: HcRIup5wVKA6kKZAhtO8SiDW7N5XUU/Xl9WijI98QUA=
Subject key identifier: 72:1B:9B:7F:78:1A:18:20:E5:8A:2B:A1:E2:CC:7F:34:A3:6D:11:CC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 77526A888291BA1A0F3C3682B1EF18BD6B91BD61
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
Signing time: Fri 20 Jun 2025 00:20:02 +0000
ROA not before: Fri 20 Jun 2025 00:20:02 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:52:6a:88:82:91:ba:1a:0f:3c:36:82:b1:ef:18:bd:6b:91:bd:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:02 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=2d1dfd41513c511a679a86df71a62d27d4536b95db5feccf89f0dcbecb00f0ac, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:d1:3d:27:10:d8:7f:1c:96:9d:18:4f:26:
f0:dc:ce:3c:57:d2:62:52:a6:cb:1b:2e:92:b1:62:
1c:94:b3:5e:4f:24:72:91:30:9c:07:9d:9a:63:22:
92:af:ad:21:ff:da:15:5d:d3:5a:63:c0:c4:98:0d:
dc:21:19:4e:23:2b:c2:76:8a:17:fc:f3:1b:55:08:
7e:f0:99:e9:04:a7:cc:bb:03:86:3e:72:8e:fe:ca:
d7:04:2a:b6:91:65:10:00:de:f9:82:18:86:81:b7:
2a:6b:91:81:d6:9c:64:31:53:df:30:f3:84:b3:2e:
23:31:de:81:41:e9:ca:3f:6a:26:3d:27:04:5d:46:
55:4a:8a:09:47:3e:24:e4:f0:ea:61:af:33:14:88:
de:93:96:b3:78:e0:64:44:9d:06:8b:05:b2:cb:6f:
da:60:11:31:e9:4b:61:76:fd:6a:12:89:e6:9a:94:
c6:79:36:ce:0a:88:a9:87:8f:f4:70:f3:0e:26:6e:
d5:a7:33:3b:1d:40:30:17:84:3b:39:54:f6:f9:df:
7c:61:48:a4:4c:da:54:73:6d:3b:22:02:53:93:62:
12:eb:ea:2f:1c:b7:93:d1:01:be:6b:28:8b:db:49:
ba:81:30:c4:98:68:2d:43:9d:31:e8:ee:3b:ac:33:
ba:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1B:9B:7F:78:1A:18:20:E5:8A:2B:A1:E2:CC:7F:34:A3:6D:11:CC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:9000::/36
Signature Algorithm: sha256WithRSAEncryption
a5:84:7b:02:43:b7:cd:ba:26:59:9f:36:4d:a4:b9:30:64:d4:
99:4c:b3:60:1b:11:63:46:ed:5b:2b:7c:1e:f5:7c:05:64:4d:
8e:76:e4:88:1b:15:52:fc:a5:97:5d:b4:71:96:95:b6:be:e3:
02:47:17:3f:75:16:55:20:09:ec:ae:a6:4a:ff:0b:26:e9:d8:
d2:d2:07:34:d8:de:77:aa:93:99:a7:5d:00:2f:dd:f8:28:1c:
23:76:c3:a0:04:20:f3:a0:5b:cb:05:54:90:c8:51:95:6e:b9:
60:a4:6b:0a:ef:98:0f:8b:1e:c5:ea:d4:7f:80:e5:bc:8f:ac:
39:e0:5b:2c:f3:97:3c:b1:e2:88:2c:2f:57:68:7b:e1:ca:04:
9c:ac:cb:ab:72:fc:c9:af:19:51:d0:34:64:88:45:30:32:95:
ed:44:62:f3:93:0c:3b:8a:67:97:e1:10:fa:f3:ef:50:73:80:
e7:1a:e2:36:5f:12:12:4a:69:5d:2e:84:6e:f9:5a:39:35:44:
75:5b:79:47:51:26:3a:ce:07:ef:3f:5c:86:3d:3d:1c:12:e9:
07:c8:1f:e3:59:b1:0b:ac:11:d1:53:73:09:92:e3:4c:ca:b9:
60:ff:2b:b4:9a:cf:db:21:da:0f:1b:08:ba:c8:8e:dd:31:d6:
88:40:0b:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd1JqiIKRuhoPPDaCse8YvWuRvWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMDJaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkMWRmZDQxNTEzYzUxMWE2NzlhODZkZjcxYTYyZDI3ZDQ1MzZiOTVkYjVm
ZWNjZjg5ZjBkY2JlY2IwMGYwYWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDC0T0nENh/HJadGE8m8NzOPFfSYlKmyxsukrFiHJSzXk8kcpEwnAedmmMi
kq+tIf/aFV3TWmPAxJgN3CEZTiMrwnaKF/zzG1UIfvCZ6QSnzLsDhj5yjv7K1wQq
tpFlEADe+YIYhoG3KmuRgdacZDFT3zDzhLMuIzHegUHpyj9qJj0nBF1GVUqKCUc+
JOTw6mGvMxSI3pOWs3jgZESdBosFsstv2mARMelLYXb9ahKJ5pqUxnk2zgqIqYeP
9HDzDiZu1aczOx1AMBeEOzlU9vnffGFIpEzaVHNtOyICU5NiEuvqLxy3k9EBvmso
i9tJuoEwxJhoLUOdMejuO6wzut0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyG5t/
eBoYIOWKK6HizH80o20RzDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTc1ZTQ2YzAtMmQ0ZC00MmZkLWEwNTAtODVmODM1NjcyMzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eQ
MA0GCSqGSIb3DQEBCwUAA4IBAQClhHsCQ7fNuiZZnzZNpLkwZNSZTLNgGxFjRu1b
K3we9XwFZE2OduSIGxVS/KWXXbRxlpW2vuMCRxc/dRZVIAnsrqZK/wsm6djS0gc0
2N53qpOZp10AL934KBwjdsOgBCDzoFvLBVSQyFGVbrlgpGsK75gPix7F6tR/gOW8
j6w54Fss85c8seKILC9XaHvhygScrMurcvzJrxlR0DRkiEUwMpXtRGLzkww7imeX
4RD68+9Qc4DnGuI2XxISSmldLoRu+Vo5NUR1W3lHUSY6zgfvP1yGPT0cEukHyB/j
WbELrBHRU3MJkuNMyrlg/yu0ms/bIdoPGwi6yI7dMdaIQAu3
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:57:27 2025 by rpki-client